{"id":4047,"date":"2010-11-21T11:45:59","date_gmt":"2010-11-21T16:45:59","guid":{"rendered":"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/?p=4047"},"modified":"2022-12-30T15:46:29","modified_gmt":"2022-12-30T20:46:29","slug":"facebook-is-biggest-social-networking-risk","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/facebook-is-biggest-social-networking-risk\/","title":{"rendered":"Facebook is Biggest Social Networking Risk"},"content":{"rendered":"<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-4149\" style=\"border: 0pt none; margin-left: 3px; margin-right: 3px;\" title=\"Facebook is Biggest Social Networking Risk\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2010\/11\/malware.jpg?resize=83%2C83&#038;ssl=1\" alt=\"Facebook is Biggest Social Networking Risk\" width=\"83\" height=\"83\" \/> Data from anti-malware vendor <a href=\"https:\/\/web.archive.org\/web\/20240415214827\/https:\/\/www.sophos.com\/en-us\" target=\"_blank\" rel=\"noopener noreferrer\">Sophos<\/a>&#8217; <em>2010 Security Threat Report<\/em> (<a href=\"http:\/\/www.sophos.com\/sophos\/docs\/eng\/papers\/sophos-security-threat-report-jan-2010-wpna.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">PDF<\/a>) says <a href=\"https:\/\/www.facebook.com\" target=\"_blank\" rel=\"noopener noreferrer\">Facebook<\/a> is the leader in privacy risks, spam, and other malicious activity. 
60 percent of the respondents to a Sophos survey identified Facebook as the biggest\u00a0security risk\u00a0in social networking, followed by <a href=\"https:\/\/www.myspace.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">MySpace<\/a> (18%), <a href=\"https:\/\/twitter.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a> (17%), and <a href=\"https:\/\/www.linkedin.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">LinkedIn<\/a> (4%).<\/p>\n<p><a href=\"https:\/\/www.facebook.com\/\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"wp-image-4151 alignright\" style=\"border: 0pt none; margin-left: 3px; margin-right: 3px;\" title=\"facebook\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2010\/11\/facebook.jpg?resize=53%2C53&#038;ssl=1\" alt=\"\" width=\"53\" height=\"53\" \/><\/a>It is not surprising that users regard Facebook as the top risk. Facebook&#8217;s more than 500 million users offer criminals a cornucopia of personal data to exploit. \u201cComputer users are spending more time on social networks, sharing sensitive and valuable personal information, and hackers have sniffed out where the money is to be made,\u201d said <a href=\"http:\/\/web.archive.org\/web\/20110411010707\/http:\/\/www.sophos.com\/pressoffice\/contacts\/grahamc.html\" target=\"_blank\" rel=\"noopener noreferrer\">Graham Cluley<\/a>, senior technology consultant for Sophos.<\/p>\n<h3>Criminals have focused their efforts on social media<\/h3>\n<p>Sophos&#8217; research shows that criminals have focused their efforts on social networking users in the last 12 months, creating an \u201cexplosion\u201d in social networking spam and malware complaints. Sophos found that 57% of social network users were spammed on one of the sites, an increase of 70 percent compared to last year. They also found that 36% of social network users reported being sent malware, a 70% increase over last year. 
\u201cThe dramatic rise in attacks in the last year tells us that social networks and their millions of users have to do more to protect themselves from organized cybercrime, or risk falling prey to identity theft schemes, scams, and malware attacks,\u201d Sophos&#8217; Cluley added.<\/p>\n<h3>Three things working against Facebook users<\/h3>\n<p><a href=\"https:\/\/web.archive.org\/web\/20240415214827\/https:\/\/www.sophos.com\/en-us\" target=\"_blank\" rel=\"noopener noreferrer\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"wp-image-4150 alignright\" style=\"border: 0pt none; margin-left: 3px; margin-right: 3px;\" title=\"sophos_logo\" src=\"https:\/\/i0.wp.com\/rbach.net\/wp-content\/uploads\/2010\/11\/sophos_logo.jpg?resize=123%2C53&#038;ssl=1\" alt=\"\" width=\"123\" height=\"53\" \/><\/a>There are three things working against Facebook users: themselves, malware, and Facebook. Facebook users typically give away more private information to Facebook than other sites. Through most people\u2019s profiles, it is possible to find out their first, last, and maiden names, where they live, where they went to school, and even worse, historical information like where they lived in the past. A lot of this private information is required on many online credit checks, providing a boon for criminals looking to exploit a user&#8217;s credit history or steal their identity.<\/p>\n<p>The most common malware used on social networks is <a href=\"https:\/\/secure.wikimedia.org\/wikipedia\/en\/wiki\/Koobface\" target=\"_blank\" rel=\"noopener noreferrer\">Koobface<\/a>. 
Koobface can target all the popular social portals, including Facebook, MySpace, <a href=\"https:\/\/web.archive.org\/web\/20221225161244\/https:\/\/bebo.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Bebo<\/a>, <a href=\"https:\/\/web.archive.org\/web\/20201101184549\/http:\/\/friendster.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Friendster<\/a>, <a href=\"http:\/\/www.tagged.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Tagged<\/a>, and Twitter. According to the report, Koobface is capable of &#8220;<em>... registering a Facebook account, activating the account by confirming an email sent to a Gmail address, befriending random strangers on the site, joining random Facebook groups, and posting messages on the walls of Facebook friends. Furthermore, it includes code to avoid drawing attention to itself by restricting how many new Facebook friends it makes each day.<\/em>\u201d<\/p>\n<div class=\"article_image_center\">\n<p>Another threat is Facebook applications. Criminals can create malicious Facebook applications designed to steal information, and they can find holes in pre-existing applications and exploit them. Legitimate Facebook apps will give away your information if you allow them to (<em>as I have written about <a href=\"https:\/\/wp.me\/p2wgaW-vP\" target=\"_blank\" rel=\"noopener\">here<\/a> and <a href=\"https:\/\/wp.me\/p2wgaW-117\" target=\"_blank\" rel=\"noopener\">here<\/a><\/em>). Once an app has permission, it can harvest all the information in a Facebook profile and send it to criminals. Before users grant an application access to all of their information, they should Google the publisher to see whether it is legitimate. Any application that starts doing anything strange or suspicious should be removed immediately.<\/p>\n<p>Facebook has tried to address these risks by issuing a new privacy policy. 
However, Sophos&#8217; Cluley called it a step backward, because the new settings are \u201cencouraging many users to share their information with everybody on the internet.\u201d <a href=\"https:\/\/web.archive.org\/web\/20100513002647\/http:\/\/www.mediabistro.com:80\/baynewser\/privacy\/a_third_of_facebook_users_customized_their_privacy_settings_after_the_policy_changes_and_why_facebook_thinks_thats_a_good_thing_150409.asp\" target=\"_blank\" rel=\"nofollow noopener\">According<\/a> to Facebook, only 35% of its users actually customized their settings, leaving 65% who presumably didn\u2019t change their settings and continue to share valuable data, which is then used to propagate spam and malware.<\/p>\n<p>&nbsp;<\/p>\n<\/div>\n<p><em><a title=\"Ralph Bach\" href=\"https:\/\/rbach.net\/index.php\/new-resume\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ralph Bach<\/a>\u00a0has been in IT long enough to know better and has blogged from his\u00a0<a title=\"Bach Seat\" href=\"https:\/\/rbach.net\/\" target=\"_blank\" rel=\"noopener noreferrer\">Bach Seat<\/a> about IT, careers, and anything else that catches his attention since 2005. You can follow him on <a class=\"broken_link\" href=\"http:\/\/www.linkedin.com\/in\/rb48334\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">LinkedIn<\/a>,\u00a0<a href=\"https:\/\/www.facebook.com\/ralph.bach.14\" target=\"_blank\" rel=\"noopener noreferrer\">Facebook<\/a>,\u00a0and\u00a0<a href=\"https:\/\/twitter.com\/rbach48334\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a>. 
Email the Bach Seat\u00a0<a href=\"mailto:\/\/bach.seat@gmail.com\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security firm Sophos says that social networker Facebook is the leader in privacy risks, spam, and malicious activity online<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23,295],"tags":[3240,104,1096,608,689,317,696,23,685,564,281,95,60,2011],"class_list":["post-4047","post","type-post","status-publish","format-standard","hentry","category-malware","category-social-networking","tag-3240","tag-facebook","tag-fb","tag-identity-theft","tag-koobface","tag-linkedin","tag-lnkd","tag-malware","tag-myspace","tag-social-media","tag-sophos","tag-spam","tag-twitter","tag-twtr"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/4047","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/comments?post=4047"}],"version-history":[{"count":14,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/4047\/revisions"}],"predecessor-version":[{"id":132807,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/4047\/revisions\/132807"}],"wp:attachment":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/media?parent=4047"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/categories?post=4047"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/tags?post=4047"}]
,"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}